Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/UzqnhBm4Whl2GPn43_S9bGzq8Dc.roa
File: UzqnhBm4Whl2GPn43_S9bGzq8Dc.roa (raw, json)
Hash identifier: hnvfgHbf19pq9AsMSYSyPsdfX3oGH93X4oAZhDzzY78=
Subject key identifier: 53:3A:A7:84:19:B8:5A:19:76:18:F9:F8:DF:F4:BD:6C:6C:EA:F0:37
Certificate issuer: /CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Certificate serial: 0182828583BE72112CD0AC75C58F56273AD4
Authority key identifier: 9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/UzqnhBm4Whl2GPn43_S9bGzq8Dc.roa
Signing time: Tue 09 Aug 2022 12:12:43 +0000
ROA not before: Tue 09 Aug 2022 12:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33868
IP address blocks: 193.23.54.0/24 maxlen: 24
91.207.186.0/23 maxlen: 23
2a02:848::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:85:83:be:72:11:2c:d0:ac:75:c5:8f:56:27:3a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b6b7b3ea60efb4a579a4f5e237ea7a88d3bc078
Validity
Not Before: Aug 9 12:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=533aa78419b85a197618f9f8dff4bd6c6ceaf037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3f:ef:8a:0b:52:fb:9a:ff:a6:a8:4a:31:d5:
30:35:36:d1:4c:04:62:a0:a4:c8:57:f0:f3:4b:a5:
5e:8a:e0:56:5e:b1:68:54:41:b2:2b:f9:fd:8a:31:
a6:d5:14:ec:fd:05:97:83:ff:33:97:c5:0f:de:cc:
ea:67:81:a4:1a:07:bc:ce:34:17:53:bd:6e:d3:fc:
50:c1:7a:ed:7f:cd:0a:21:8f:ca:e9:62:a8:45:cb:
5c:b4:64:a5:d1:41:09:07:ae:08:db:65:bf:74:89:
0a:e0:8e:6d:5c:d3:50:ce:0c:8b:50:55:18:14:70:
59:6a:0d:5d:76:1e:71:df:28:88:ea:15:23:ba:60:
b0:41:e0:27:fa:d1:7c:bc:54:af:6c:89:9b:6d:6e:
53:37:bf:1a:05:7b:7f:ff:93:dc:73:72:c8:38:0d:
5e:2d:c1:62:99:3b:7d:96:25:06:16:53:cf:31:26:
59:c0:97:35:2f:21:99:d4:9f:46:cf:a8:7d:e7:9c:
ae:c6:2a:ec:37:e3:b1:50:01:96:09:d9:b9:18:ff:
a2:28:43:0a:85:45:d7:16:4b:d5:fe:38:6f:19:51:
86:0d:98:87:d7:df:98:d2:1a:a3:25:dd:4b:32:ac:
e7:b2:54:f6:61:64:fa:ba:3c:ac:b7:40:3a:47:a6:
3c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3A:A7:84:19:B8:5A:19:76:18:F9:F8:DF:F4:BD:6C:6C:EA:F0:37
X509v3 Authority Key Identifier:
keyid:9B:6B:7B:3E:A6:0E:FB:4A:57:9A:4F:5E:23:7E:A7:A8:8D:3B:C0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2t7PqYO-0pXmk9eI36nqI07wHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/UzqnhBm4Whl2GPn43_S9bGzq8Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e27d71-efbc-47ef-9840-e74d8d1d4e02/1/m2t7PqYO-0pXmk9eI36nqI07wHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.186.0/23
193.23.54.0/24
IPv6:
2a02:848::/32
Signature Algorithm: sha256WithRSAEncryption
df:94:ab:43:f0:0b:94:b7:d4:d0:f4:c9:04:15:61:77:7e:21:
32:f6:fe:70:c3:e7:ac:3a:88:93:af:f9:1c:85:ae:86:0a:c2:
f5:97:be:fd:b5:45:cf:bf:64:6a:3b:a3:6f:0e:ac:a7:6d:42:
76:52:36:cf:8c:58:07:16:9f:63:11:dd:b2:da:41:8f:96:d9:
66:d3:f5:79:f2:e0:d9:00:c2:00:27:75:65:19:61:36:c0:8d:
5d:c9:8f:6c:0d:8b:d8:8c:0b:99:a9:0b:0a:8b:79:8b:cd:d0:
a1:d2:0d:8c:17:cb:cd:e7:dc:e1:11:23:a9:62:39:08:1a:76:
4d:24:39:5c:3e:cf:e7:de:7f:d5:65:4b:cf:d6:d7:55:8f:f4:
cd:e7:50:13:02:c7:2d:16:88:a8:ea:47:21:db:6f:73:de:2c:
e1:9e:bb:d2:34:01:df:43:4c:e2:d6:84:b4:93:42:6f:02:42:
9b:f5:17:db:d0:ba:eb:ab:8b:99:e7:18:4c:0f:96:38:e1:95:
2d:3b:ad:06:5f:23:7e:71:6f:f9:ea:d7:a5:36:0c:2c:f3:17:
10:c9:e0:cf:62:2d:de:7f:48:60:ee:e8:68:e6:19:2c:22:a4:
c1:dd:2a:36:00:18:13:ce:2b:32:a8:4d:3f:3e:0c:36:2e:7d:
51:d4:c0:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYKChYO+chEs0Kx1xY9WJzrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNmI3YjNlYTYwZWZiNGE1NzlhNGY1ZTIzN2VhN2E4OGQz
YmMwNzgwHhcNMjIwODA5MTIxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNhYTc4NDE5Yjg1YTE5NzYxOGY5ZjhkZmY0YmQ2YzZjZWFmMDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT/vigtS+5r/pqhKMdUwNTbRTARi
oKTIV/DzS6VeiuBWXrFoVEGyK/n9ijGm1RTs/QWXg/8zl8UP3szqZ4GkGge8zjQX
U71u0/xQwXrtf80KIY/K6WKoRctctGSl0UEJB64I22W/dIkK4I5tXNNQzgyLUFUY
FHBZag1ddh5x3yiI6hUjumCwQeAn+tF8vFSvbImbbW5TN78aBXt//5Pcc3LIOA1e
LcFimTt9liUGFlPPMSZZwJc1LyGZ1J9Gz6h955yuxirsN+OxUAGWCdm5GP+iKEMK
hUXXFkvV/jhvGVGGDZiH19+Y0hqjJd1LMqznslT2YWT6ujyst0A6R6Y82wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFM6p4QZuFoZdhj5+N/0vWxs6vA3MB8GA1UdIwQY
MBaAFJtrez6mDvtKV5pPXiN+p6iNO8B4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAt
ZTc0ZDhkMWQ0ZTAyLzEvVXpxbmhCbTRXaGwyR1BuNDNfUzliR3pxOERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lMjdkNzEtZWZiYy00N2VmLTk4NDAtZTc0ZDhkMWQ0ZTAy
LzEvbTJ0N1BxWU8tMHBYbWs5ZUkzNm5xSTA3d0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW8+6AwQA
wRc2MA0EAgACMAcDBQAqAghIMA0GCSqGSIb3DQEBCwUAA4IBAQDflKtD8AuUt9TQ
9MkEFWF3fiEy9v5ww+esOoiTr/kcha6GCsL1l779tUXPv2RqO6NvDqynbUJ2UjbP
jFgHFp9jEd2y2kGPltlm0/V58uDZAMIAJ3VlGWE2wI1dyY9sDYvYjAuZqQsKi3mL
zdCh0g2MF8vN59zhESOpYjkIGnZNJDlcPs/n3n/VZUvP1tdVj/TN51ATAsctFoio
6kch229z3izhnrvSNAHfQ0zi1oS0k0JvAkKb9Rfb0Lrrq4uZ5xhMD5Y44ZUtO60G
XyN+cW/56telNgws8xcQyeDPYi3ef0hg7uho5hksIqTB3So2ABgTzisyqE0/Pgw2
Ln1R1MC3
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:00 2025 by rpki-client